CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-10439

The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to access arbitrary files uploaded by any user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.4%

CVSS Severity

CVSS v3 Score 5.3

References

https://www.twcert.org.tw/en/cp-139-8167-a2c0d-2.html
https://www.twcert.org.tw/tw/cp-132-8166-085c4-1.html

Products affected by CVE-2024-10439

Sun.net » Ehdr Ctms » Version: N/A

cpe:2.3:a:sun.net:ehdr_ctms:-
Sun.net » Ehdr Ctms » Version: 10.0

cpe:2.3:a:sun.net:ehdr_ctms:10.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-10439

Products

Pricing

Contact Us